<?php
/* -=-=-=-=-=-=-=-=-=-=-=-=-
     author by terry
-=-=-=-=-=-=-=-=-=-=-=-=- */
// 7 == E_ERROR | E_WARNING | E_PARSE: notices and deprecations are not reported.
error_reporting(7);
// NOTE(review): $DB, $cpforms, $db_prefix, the $jobcategory/$state/$country lookup
// arrays and helpers such as cpheader(), pa_exit() and redirect() are used below but
// not defined in this file; presumably global.php provides them. No login or
// permission check is visible in this file either, so confirm global.php enforces
// one before any of the handlers below can run.
require "global.php";


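// Change a candidate's status, then fall through to the list view.
//
// Both request values used to be concatenated into the UPDATE as-is. The status is
// now checked against the three values the list view's <select> offers
// (0 = Starter, 1 = Active, 2 = Expired) and the id is forced to an integer, so
// neither can carry SQL.
//
// NOTE(review): this is a state change triggered by a plain GET with no anti-CSRF
// token visible in this file. Confirm global.php checks one, or move the action to
// POST with a per-session token.
if (isset($_GET['changeid']) && $_GET['changeid'] != '') {
    $rawStatus   = $_GET['changeid'];
    $candidateId = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;

    if (is_scalar($rawStatus) && in_array((string) $rawStatus, array('0', '1', '2'), true)) {
        $sql = "UPDATE pa_candidates SET `js_status`='".intval($rawStatus)."'  WHERE js_id ='".$candidateId."' ";
        $DB->query($sql);
    }
    // Quoted key: a bare `action` is an undefined-constant error on PHP 8.
    $_GET['action'] = "list";
}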


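cpheader();

// Pagination offset: POST wins over GET, default 0.
// The value is later written into hidden form fields and redirect URLs, so it is
// reduced to a non-negative integer here instead of being passed through verbatim.
if (!empty($_POST['offset'])) {
    $offset = $_POST['offset'];
} else if (!empty($_GET['offset'])) {
    $offset = $_GET['offset'];
} else {
    $offset = 0;
}
// is_numeric() also rejects array input such as offset[]=x.
$offset = is_numeric($offset) ? max(0, intval($offset)) : 0;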


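// Add / modify / view form for a single candidate.
//
// Changes from the original:
//  - the `?>` / `<?` toggles in the middle of the block are gone: with
//    short_open_tag disabled, `<?` is treated as literal text and the PHP source
//    after it would be sent to the browser instead of being executed;
//  - array keys are quoted (bare keys are undefined-constant errors on PHP 8);
//  - $read, $view and (in add mode) $rs start from known values rather than from
//    whatever happens to be in scope.
if (isset($_GET['action']) && in_array($_GET['action'], array('add', 'mod', 'view'), true)) {
    $action = $_GET['action'];

    // Flags interpolated into every field definition below. Undefined variables
    // interpolate as '', so these defaults keep the output unchanged while ruling
    // out a value inherited from elsewhere (e.g. request variables imported into
    // the global scope; whether global.php does that is not visible here).
    $read = '';
    $view = '';

    $cpforms->inithtmlarea();

    if ($action == "add") {
        $cpforms->formheader(array('title'=>'Add New Candidates (<font color=red>*</font>=Required Field)',
                                   'name'=>'article'));
        $cpforms->makehidden(array('name'=>'action',
                                   'value'=>'doinsert'));
        // Start from an empty record so no pre-existing $rs can prefill the form.
        $rs = array();
        $rs['StartDate'] = $rs['EndDate'] = time();
    } elseif ($action == "mod") {
        $cpforms->formheader(array('title'=>'Modify Candidates (<font color=red>*</font>=Required Field)',
                                   'name'=>'article'));
        $cpforms->makehidden(array('name'=>'action',
                                   'value'=>'update'));
        // intval() keeps the id safe for the unquoted comparison in the SELECT.
        $candidatesid = intval(isset($_GET['id']) ? $_GET['id'] : 0);
        $cpforms->makehidden(array('name'=>'id',
                                   'value'=>$candidatesid));
        $cpforms->makehidden(array('name'=>'offset',
                                   'value'=>$offset));
        $read = 1;
        $rs   = $DB->fetch_one_array("SELECT * FROM ".$db_prefix."candidates WHERE js_id =".$candidatesid);
    } else { // view
        $cpforms->formheader(array('title'=>'View Candidates (<font color=red>*</font>=Required Field)',
                                   'name'=>'article',
                                   'enctype'=>'multipart/form-data'));
        $candidatesid = intval(isset($_GET['id']) ? $_GET['id'] : 0);
        $cpforms->makehidden(array('name'=>'id',
                                   'value'=>$candidatesid));
        $cpforms->makehidden(array('name'=>'offset',
                                   'value'=>$offset));
        $view = 1;
        $rs   = $DB->fetch_one_array("SELECT * FROM ".$db_prefix."candidates WHERE js_id =".$candidatesid);
    }

    // NOTE(review): the stored values are handed to $cpforms as they come from the
    // database. Whether $cpforms escapes them for the HTML attribute context is not
    // visible in this file; confirm it does.
    // The password field is never prefilled; the update handler only rewrites
    // js_pword when a password is actually posted.
    $cpforms->gethightext(array('text'=>"√Username",'name'=>"user_name",'only'=>1,'value'=>"$rs[js_uname]",'read'=>"$read",'view'=>"$view",'icon'=>"'Username is 6-12 Characters and is Case Sensitive.', WIDTH, 200, SHADOW, true"));
    $cpforms->gethightext(array('text'=>"Password",'name'=>"password",'type'=>"password",'only'=>1,'view'=>"$view",'icon'=>"'Password is 6-12 Characters and is Case Sensitive.', WIDTH, 200, SHADOW, true"));
    $cpforms->longline(array('title'=>"User Information"));
    $cpforms->gethightext(array('text'=>"Your First Name",'name'=>"firstname",'only'=>1,'value'=>"$rs[js_fname]",'view'=>"$view"));
    $cpforms->gethightext(array('text'=>"Your Last Name", 'name'=>"lastname",'only'=>1,'value'=>"$rs[js_lname]",'view'=>"$view"));
    $cpforms->gethightext(array('text'=>"Your Email Address", 'name'=>"email",'only'=>1,'value'=>"$rs[js_email]",'view'=>"$view"));
    $cpforms->gethightext(array('text'=>"Your Phone", 'name'=>"phone",'only'=>1,'value'=>"$rs[js_phone]",'view'=>"$view"));
    $cpforms->gethightext(array('text'=>"√Your Job Title", 'name'=>"jobtitle",'only'=>1,'value'=>"$rs[js_title]",'view'=>"$view"));
    $cpforms->makeselect(array('text'=>"√Industry Category", 'name'=>"industry",'only'=>1,'option'=>$jobcategory,'selected'=>"$rs[js_industry]",'view'=>"$view",'viewfunction'=>'jobcategory'));
    $cpforms->gethightext(array('text'=>"√Your Skype ID", 'name'=>"skype",'value'=>"$rs[js_skypeid]",'view'=>"$view",'icon'=>"' If you do not have a Skype ID, you may complete this field later.  To get FREE Skype, <a href=\'http://www.skype.com/download\'>Go Here</a>', WIDTH, 200, TITLE,'', SHADOW, true, FADEIN, 100, FADEOUT, 100, STICKY, 1,  CLOSEBTN, true, CLICKCLOSE, true"));
    $cpforms->gethightext(array('text'=>"Address",'name'=>"address",'only'=>1,'value'=>"$rs[js_address1]",'view'=>"$view"));
    $cpforms->gethightext(array('text'=>"√Location - City",'name'=>"locity",'only'=>1,'value'=>"$rs[js_city]",'view'=>"$view"));
    $cpforms->makeselect(array('text'=>"√Location - State", 'name'=>"lostate",'only'=>1,'option'=>$state,'selected'=>"$rs[js_state]",'view'=>"$view",'viewfunction'=>'state'));
    $cpforms->gethightext(array('text'=>"√Location - Zip Code",'name'=>"lozip",'only'=>1,'value'=>"$rs[js_zip]",'view'=>"$view"));

    $cpforms->makeselect(array('text'=>"√Location - Country",'name'=>"locountry",'only'=>1,'option'=>$country,'selected'=>"$rs[js_country]",'view'=>"$view",'viewfunction'=>'country'));
    $cpforms->gethighradio(array('text'=>"Would you like to subscribe to our newsletter",'name'=>"newsmailist",'only'=>1,'selected'=>"$rs[js_newsmailist]",'view'=>"$view"));
    $cpforms->gethightext(array('text'=>"How did you hear about us?",'name'=>"howus",'only'=>1,'value'=>"$rs[js_howus]",'view'=>"$view"));
    $cpforms->gethightext(array('text'=>"Service Code",'name'=>"servicecode",'value'=>"$rs[js_servicecode]",'view'=>"$view",'icon'=>"'If you have a service code please enter it here.', WIDTH, 200, SHADOW, true"));

    // The read-only view has nothing to submit, so it gets the footer without buttons.
    if ($action == "view") {
        $cpforms->noformfooter();
    } else {
        $cpforms->formfooter(array('confirm'=>1));
    }
}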


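// Paginated, sortable list of candidates.
//
// Changes from the original:
//  - the offset echoed into every link is reduced to an integer first; it used to
//    be written into the href attributes exactly as received;
//  - the eleven copy-pasted switch cases are one lookup table;
//  - every sortable column gets a default "next order" of 1 (columns 8-11 had none,
//    which produced `order8=` in the links and undefined-variable warnings);
//  - each data row is now closed with </td></tr>;
//  - array keys are quoted (bare keys are undefined-constant errors on PHP 8).
if (isset($_GET['action']) && $_GET['action'] == "list") {

    // Sortable columns keyed by the `swh` request value:
    // array(ORDER BY column, header label).
    // The ORDER BY column is only ever taken from this fixed table, never from the
    // request itself, so the sort parameter cannot carry SQL.
    $sortable = array(
        1  => array('js_fname',       'First Name '),
        2  => array('js_lname',       'Last Name '),
        3  => array('js_industry',    'Industry '),
        4  => array('js_title',       'Job Title '),
        5  => array('js_city',        'City '),
        6  => array('js_state',       'State '),
        7  => array('js_country',     'Country '),
        8  => array('js_newsmailist', 'Newsletter '),
        9  => array('js_regtime',     'Register Date '),
        10 => array('js_status',      'Member Status'),
        11 => array('js_uname',       'Username '),
    );
    // Header cells in display order; 0 marks the unsortable "Service Code" column.
    $headerOrder = array(1, 2, 11, 0, 3, 4, 5, 6, 7, 8, 9, 10);
    // Status codes offered in the per-row <select>.
    $statusLabels = array(0 => 'Starter', 1 => 'Active', 2 => 'Expired');

    // Integer-only copy of the offset for use inside href attributes
    // ('' when absent, as before).
    $offsetQs = (isset($_GET['offset']) && is_numeric($_GET['offset'])) ? (string) intval($_GET['offset']) : '';

    $nav = new buildNav;

    $total = $DB->fetch_one_array("SELECT COUNT(*) AS count FROM ".$db_prefix."candidates");

    $nav->total_result = $total['count'];

    if (empty($total['count'])) {
        pa_exit("<font color=red>No candidates!</font><input type=button value='Add New' onclick='location.href=\"candidates.php?action=add\"'>");
    }

    // Default sort: newest id first.
    $by    = "js_id";
    $order = "DESC";

    // Per-column state: the order value the next click should send, and the arrow image.
    $nextOrder = array();
    $arrow     = array();
    foreach ($sortable as $idx => $col) {
        $nextOrder[$idx] = 1;
        $arrow[$idx]     = '';
    }

    $swh = (isset($_GET['swh']) && is_scalar($_GET['swh'])) ? intval($_GET['swh']) : 0;
    if (isset($sortable[$swh])) {
        $by      = $sortable[$swh][0];
        $current = isset($_GET['order'.$swh]) ? $_GET['order'.$swh] : '';
        if (is_scalar($current) && $current == 1) {
            // orderN=1 means "sort descending now, offer ascending next".
            $nextOrder[$swh] = 2;
            $order           = " DESC ";
            $arrow[$swh]     = "<img src=\"images/dot1.gif\">";
        } else {
            $nextOrder[$swh] = 1;
            $order           = " ASC ";
            $arrow[$swh]     = "<img src=\"images/dot2.gif\">";
        }
    }

    $order = " ORDER BY $by $order";
    $nav->execute("SELECT * FROM ".$db_prefix."candidates $order");

    echo $nav->title("Candidates list");
    echo $nav->pagenav();

    // NOTE(review): skypeCheck.js is fetched from a third-party host over plain
    // HTTP and runs inside this admin page. Prefer a locally hosted, reviewed copy
    // (or at least HTTPS) so the page does not execute whatever that URL returns.
    echo "<table border=\"0\" width=\"100%\" cellpadding=\"4\" cellspacing=\"1\" class=\"tableoutline\">
	<script type=\"text/javascript\" src=\"http://download.skype.com/share/skypebuttons/js/skypeCheck.js\"></script>
	           <tr><td colspan=7><input type=button value=\"Add New Candidates\" onclick=\"location.href='candidates.php?action=add'\"></td></tr>
               <tr align=\"center\" class=\"tbhead\">\n";
    foreach ($headerOrder as $idx) {
        if ($idx === 0) {
            echo "                 <td nowrap  width=\"10%\"> Service Code </td>\n";
            continue;
        }
        echo "                 <td nowrap  width=\"10%\"><a href=\"candidates.php?action=list&offset=".$offsetQs."&order".$idx."=".$nextOrder[$idx]."&swh=".$idx."\">".$arrow[$idx]." ".$sortable[$idx][1]."</a></td>\n";
    }
    echo "				 <td nowrap  width=\"20%\"> Action </td>
               </tr>\n";

    // NOTE(review): the js_* columns are echoed as stored. The insert/update
    // handlers in this file run htmlspecialchars() before saving, but rows written
    // by any other code path are not known to be escaped; confirm, or escape at
    // output time.
    while ($list = $DB->fetch_array($nav->sql_result)) {
        $newslist = ($list['js_newsmailist'] == 1) ? "Yes" : "No";

        echo "<tr class=".getrowbg().">
					  <td align=\"left\">".$list['js_fname']."</td>
					  <td align=\"left\">".$list['js_lname']."</td>
					  <td align=\"left\">".$list['js_uname']."</td>
					  <td align=\"left\">".$list['js_servicecode']."</td>
					  <td align=\"left\">".$jobcategory[$list['js_industry']]."</td>
					  <td align=\"left\">".$list['js_title']."</td>
					  <td align=\"left\">".$list['js_city']."</td>
					  <td align=\"left\">".$state[$list['js_state']]."</td>
					  <td align=\"left\">".$country[$list['js_country']]."</td>
					  <td align=\"left\">".$newslist."</td>
					  <td align=\"left\">".date('m/d/Y',$list['js_regtime'])."</td>
					  <td align=\"left\"><select name=\"status\" onchange=\"changestatus('candidates.php','".$list['js_id']."',this.options[this.options.selectedIndex].value)\">";
        foreach ($statusLabels as $value => $label) {
            echo "
						  <option value='".$value."' ";
            if ($list['js_status'] == $value) echo " selected ";
            echo ">".$label."</option>";
        }
        echo "</select></td>
                      <td align=\"left\" nowrap><a href=\"candidates.php?action=view&offset=".$offsetQs."&id=".$list['js_id']."\">View</a> | <a href=\"candidates.php?action=mod&offset=".$offsetQs."&id=".$list['js_id']."\">Edit</a> | <a href=\"candidates.php?action=kill&offset=".$offsetQs."&id=".$list['js_id']."\">Delete</a></td></tr>\n";
    }
    if (empty($total['count'])) {
        echo "<tr><td><font color=red>No results!</font></td></tr>";
    }
    echo "</table>\n";
    echo $nav->pagenav();
}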

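// Delete confirmation form. The actual DELETE only happens on the POST handled by
// the "remove" action.
// The id and offset are reduced to integers before being written into the hidden
// fields; they used to be copied from the query string verbatim, and whether
// $cpforms escapes hidden-field values is not visible in this file.
if (isset($_GET['action']) && $_GET['action'] == "kill") {
    $killId     = (isset($_GET['id']) && is_numeric($_GET['id'])) ? intval($_GET['id']) : 0;
    $killOffset = (isset($_GET['offset']) && is_numeric($_GET['offset'])) ? max(0, intval($_GET['offset'])) : 0;

    $cpforms->formheader(array('title'=>'Sure to delete this?'));
    $cpforms->makehidden(array('name'=>'action',
                               'value'=>'remove'));
    $cpforms->makehidden(array('name'=>'candidatesid',
                               'value'=>$killId));
    $cpforms->makehidden(array('name'=>'offset',
                               'value'=>$killOffset));
    $cpforms->formfooter(array('confirm'=>2));
}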


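// Delete one candidate row.
// The posted id used to be interpolated into the DELETE as-is; it is now forced to
// an integer, so the WHERE clause can only ever name a single js_id.
//
// NOTE(review): no anti-CSRF token is checked in this file before the row is
// deleted. Confirm global.php or $cpforms adds and verifies one.
if (isset($_POST['action']) && $_POST['action'] == "remove") {
    $removeId   = (isset($_POST['candidatesid']) && is_numeric($_POST['candidatesid'])) ? intval($_POST['candidatesid']) : 0;
    // Same integer-only rule for the offset that goes into the redirect URL.
    $backOffset = is_numeric($offset) ? max(0, intval($offset)) : 0;

    $DB->query("DELETE FROM ".$db_prefix."candidates WHERE js_id='".$removeId."'");
    redirect("./candidates.php?action=list&offset=".$backOffset,"<font color=red>Deleted Successfully!</font>");
}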



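// Create a candidate account, provided the username is free in all four account tables.
//
// Changes from the original: array keys are quoted (bare keys are undefined-constant
// errors on PHP 8), and the "Added Successfully" redirect now runs only after the
// INSERT, so it can no longer be reached on the username-taken path should
// pa_exit() ever return.
//
// NOTE(review), SQL: htmlspecialchars() is an HTML encoder, not SQL escaping. With
// its pre-8.1 default flags it leaves single quotes untouched, and every value below
// is placed inside single-quoted SQL literals. Unless global.php already escapes
// request data, these statements are injectable. The fix is to use bound parameters
// or the $DB wrapper's own escaping routine; its API is not visible in this file,
// so the statements are left structurally unchanged here.
//
// NOTE(review), password storage: md5() is fast and unsalted, which makes stored
// hashes cheap to crack offline. Moving to password_hash()/password_verify() has to
// be done together with the login code, which is outside this file. An empty posted
// password is also accepted and stored as md5('').
if (isset($_POST['action']) && $_POST['action'] == "doinsert") {

    $username       = htmlspecialchars(trim($_POST['user_name']));
    $password       = md5(trim($_POST['password']));
    $firstname      = htmlspecialchars(trim($_POST['firstname']));
    $lastname       = htmlspecialchars(trim($_POST['lastname']));
    $email          = htmlspecialchars(trim($_POST['email']));
    $phone          = htmlspecialchars(trim($_POST['phone']));
    $jobtitle       = htmlspecialchars(trim($_POST['jobtitle']));
    $industry       = htmlspecialchars(trim($_POST['industry']));
    $skype          = htmlspecialchars(trim($_POST['skype']));
    $address        = htmlspecialchars(trim($_POST['address']));
    $locity         = htmlspecialchars(trim($_POST['locity']));
    $lostate        = htmlspecialchars(trim($_POST['lostate']));
    $lozip          = htmlspecialchars(trim($_POST['lozip']));
    $locountry      = htmlspecialchars(trim($_POST['locountry']));
    $howus          = htmlspecialchars(trim($_POST['howus']));
    $newsmailist    = htmlspecialchars(trim($_POST['newsmailist']));
    $servicecode    = htmlspecialchars(trim($_POST['servicecode']));

    // Usernames share one namespace across employers, candidates, recruiters and
    // advisories, so all four tables are checked.
    // NOTE(review): check-then-insert is not atomic; a unique index on js_uname
    // would make the database enforce this.
    $sql_1  = " select ep_uname,ep_pword from pa_employer where ep_uname = '".$username."' ";
    $arr1 = $DB->fetch_one_array($sql_1);
    $sql_2  = " select js_uname,js_pword from pa_candidates where js_uname ='".$username."'";
    $arr2 = $DB->fetch_one_array($sql_2);
    $sql_3  = " select rc_uname,rc_pword from pa_recuiter where rc_uname ='".$username."'";
    $arr3 = $DB->fetch_one_array($sql_3);
    $sql_4  = " select ad_uname,ad_pword from pa_advisory where ad_uname ='".$username."'";
    $arr4 = $DB->fetch_one_array($sql_4);

    // $deadline_conf_month is not defined in this file; presumably a duration in
    // seconds set by global.php.
    $deadline = $deadline_conf_month + time();

    if (empty($arr1) && empty($arr2) && empty($arr3) && empty($arr4)) {
        // New accounts start with js_status 0 ("Starter" in the list view).
        $sql = "INSERT INTO `pa_candidates` (  `js_servicecode` , `js_uname` , `js_pword` , `js_fname` , `js_lname` , `js_address1` , `js_industry` , `js_title` , `js_skypeid` , `js_city`,`js_state`,`js_zip`,`js_country` , `js_phone` , `js_howus` , `js_newsmailist` , `js_email` , `js_regtime` , `js_deadline` , `js_status` ) 
			VALUES (
			 '".$servicecode."', '".$username."', '".$password."', '".$firstname."', '".$lastname."', '".$address."', '".$industry."', '".$jobtitle."', '".$skype."', '".$locity."','".$lostate."','".$lozip."','".$locountry."','".$phone."','".$howus."', '".$newsmailist."', '".$email."', '".time()."', '".$deadline."', '0'
			);
			";
        $DB->query($sql);
        redirect("./candidates.php?action=list","<font color=red>Added Successfully!</font>");
    } else {
        pa_exit("<h3 style=\"color:red\">The username is already taken. Please choose another one.</h3>");
    }
}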


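// Update an existing candidate, then emit the page footer.
//
// Changes from the original:
//  - the row id in the WHERE clause is forced to an integer (it used to be
//    interpolated as posted);
//  - $pwd always starts as '' so the SET clause can only contain what this block
//    builds; before, it was left undefined when no password was posted;
//  - the "was a password entered?" test uses the trimmed value, the same one that
//    gets hashed. A whitespace-only entry used to pass the test and store md5('');
//  - array keys are quoted (bare keys are undefined-constant errors on PHP 8).
//
// NOTE(review), SQL: htmlspecialchars() does not make a value safe inside a
// single-quoted SQL literal (with its pre-8.1 default flags it leaves single quotes
// untouched). Unless global.php already escapes request data, the string fields
// below are injectable. Use bound parameters or the $DB wrapper's escaping routine;
// its API is not visible in this file.
//
// NOTE(review), password storage: md5() is fast and unsalted; migrating to
// password_hash() needs a matching change in the login code outside this file.
// No anti-CSRF token is checked here either; confirm global.php handles it.
if (isset($_POST['action']) && $_POST['action'] == "update") {

    $rawPassword    = trim($_POST['password']);
    $password       = md5($rawPassword);
    $firstname      = htmlspecialchars(trim($_POST['firstname']));
    $lastname       = htmlspecialchars(trim($_POST['lastname']));
    $email          = htmlspecialchars(trim($_POST['email']));
    $phone          = htmlspecialchars(trim($_POST['phone']));
    $jobtitle       = htmlspecialchars(trim($_POST['jobtitle']));
    $industry       = htmlspecialchars(trim($_POST['industry']));
    $skype          = htmlspecialchars(trim($_POST['skype']));
    $address        = htmlspecialchars(trim($_POST['address']));
    $locity         = htmlspecialchars(trim($_POST['locity']));
    $lostate        = htmlspecialchars(trim($_POST['lostate']));
    $lozip          = htmlspecialchars(trim($_POST['lozip']));
    $locountry      = htmlspecialchars(trim($_POST['locountry']));
    $howus          = htmlspecialchars(trim($_POST['howus']));
    $newsmailist    = htmlspecialchars(trim($_POST['newsmailist']));
    $servicecode    = htmlspecialchars(trim($_POST['servicecode']));

    $candidateId = (isset($_POST['id']) && is_numeric($_POST['id'])) ? intval($_POST['id']) : 0;
    $backOffset  = is_numeric($offset) ? max(0, intval($offset)) : 0;

    // Only touch js_pword when a non-empty password was actually entered.
    $pwd = '';
    if ($rawPassword !== '') {
        $pwd = "`js_pword`='$password' ,";
    }

    $sql = "UPDATE ".$db_prefix."candidates 
	                 SET 
					 ".$pwd."
					`js_fname`='".$firstname."'  ,
				    `js_lname`='".$lastname."'  ,
				    `js_title`='".$jobtitle."'  ,
					`js_address1`='".$address."' ,
					`js_industry`='".$industry."' ,
					`js_country`='".$locountry."' , 
					`js_howus`='".$howus."' ,
					`js_servicecode` = '".$servicecode."',
					`js_newsmailist`='".$newsmailist."',
					`js_skypeid`  = '".$skype."',
					`js_state`='".$lostate."' , 
					`js_zip`='".$lozip."',
					`js_city`= '".$locity."', 
					`js_phone`='".$phone."' ,
					`js_email`='".$email."' 
					WHERE js_id= '".$candidateId."'";
    $DB->query($sql);

    redirect("./candidates.php?action=list&offset=".$backOffset,"<font color=red>Modified Successfully!</font>");
}
cpfooter();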
?>